The decision was made to NOT retain any "backdoor" because of the risk of that information leaking out and creating the same situation we had in the first place. (See below for more details)Ĭhanging the root password comes with some acceptance of responsibility in remembering the new password. To provide some new, more intuitive, means to change the root password.
To give a visual indication when the default root password is still in use on any monitored RW (by means of an exclamation mark in conjunction with the RW Icon in the RW list).A letter was sent to known customers and dealers advising them to change their root password (along with instructions on how to do so using RWAC).In support of this effort, two main things were done: As part of a Security Initiative by Steelcase, it was decided that we should encourage Customers to change their root password. Over time, this password became "general knowledge" and left RWs vulnerable to anyone who might want to access them using this PW. Very few customers were changing the root PW. The default PW, "ScRwPw01" was to be used by Tech Support and system Administrators to administer and debug RWs. Until very recently (12/2016) most RWs were left in their default condition with respect to root password. RoomWizard can be accessed via the "root" account using a password and most/all of the function of the RW can then be accessed once this account connection is established.
0 kommentar(er)
